| ID |
CVE-2006-5270
|
| Summary |
Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:microsoft:antigen:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:antigen:*:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:forefront_security:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:forefront_security:*:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_defender:*:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_live_onecare:*:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 9.3 (as of 12-10-2018 - 21:41) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 22479 | | cert | TA07-044A | | cert-vn | VU#511577 | | osvdb | 31888 | | sectrack | 1017636 | | secunia | 24146 | | vupen | ADV-2007-0579 |
|
| Last major update |
12-10-2018 - 21:41 |
| Published |
13-02-2007 - 20:28 |
| Last modified |
12-10-2018 - 21:41 |
